Security News

Mozilla: Update Firefox to avoid Netflix, Hulu streaming issues
2021-05-29 13:15

Mozilla advises Firefox users to update to the latest released version to avoid experiencing video streaming issues after Google updates the Widevine digital rights management on May 31. Once Google updates the Widevine private encryption keys and content decryption module on May 31, video streaming services using Google's DRM-protection technology will no longer work with older Firefox versions.

Icarus moment: Mozilla Thunderbird was saving OpenPGP keys in plaintext after encryption snafu
2021-05-24 17:15

Mozilla Thunderbird spent the last couple of months saving some users' OpenPGP keys in plain text - but that's now been patched, the author of both the bug and the patch fixing it has told The Register. The vulnerability, assessed as "Low" impact by Mozilla, existed in the free open source Thunderbird email client between version 78.8.1 and version 78.10.1 after a crestfallen maintainer realised carefully designed protections were in fact not protecting users' private OpenPGP keys.

Mozilla Begins Rolling Out 'Site Isolation' Security Feature to Firefox Browser
2021-05-19 07:11

Mozilla has begun rolling out a new security feature for its Firefox browser in nightly and beta channels that aims to protect users against a new class of side-channel attacks from malicious sites. "This fundamental redesign of Firefox's Security architecture extends current security mechanisms by creating operating system process-level boundaries for all sites loaded in Firefox for Desktop," Mozilla said in a statement.

Mozilla starts rolling out Site Isolation to all Firefox channels
2021-05-18 18:31

Mozilla has started rolling out the Site Isolation security feature to all Firefox channels, protecting users from attacks launched via malicious websites. Until today, Site Isolation could only be enabled by users of Firefox Nightly, the release channel used by Mozilla to test new features not yet ready for a wider rollout.

Mozilla Fixes Firefox Flaw That Allowed Spoofing of HTTPS Browser Padlock
2021-04-20 20:40

The Mozilla Foundation fixed a flaw in its Firefox browser that allowed spoofing of the HTTPS secure communications icon, displayed as a padlock in the browser address window. Successful exploitation of the flaw could have allowed a rogue website to intercept browser communications.

Mozilla drops Firefox support on Amazon Fire TV
2021-04-15 19:34

This month, Mozilla has announced plans to phase out support for the Firefox web browser app on the Amazon Fire TV product line. Although Firefox will be no longer supported on Fire TV effective at the end of this month, Amazon Silk web browser app remains available to Fire TV users.

Mozilla flooded with requests after Apple privacy changes hit Facebook
2021-04-11 15:34

Mozilla volunteers have recently been flooded with online merchants and marketers' requests for their domains to be added to what's called a Public Suffix List. Public Suffix List is an initiative of the Mozilla community volunteers to maintain a list of top-level domains and domains that should be treated as one to prevent the mixing of cookies between distinct domains.

Mozilla VPN now nudges users to put shields up on dodgy networks, adds LAN access
2021-03-30 19:35

Mozilla's attempts to augment its income continued apace with an update to the company's VPN subscription service. The update, which has landed less than a year since Mozilla first launched the service, adds two new features.

Mozilla Firefox adopts new privacy-enhancing Referrer Policy
2021-03-22 18:00

Mozilla has announced that it will introduce a more privacy-focused default Referrer Policy to protect Firefox users' privacy, starting with the web browser's next version. Once updated, the web browser will automatically trim user-sensitive information like path and query string information accessible from the Referrer URL. This URL is sent together with the HTTP Referrer header between websites during subresources requests and navigating between sites by clicking on links.

Malicious Mozilla Firefox Extension Allows Gmail Takeover
2021-02-25 17:04

A newly uncovered cyberattack is taking control of victims' Gmail accounts, by using a customized, malicious Mozilla Firefox browser extension called FriarFox. FriarFox gives cybercriminals various types of access to users' Gmail accounts and Firefox browser data.